lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
From: Ian.Latter at mq.edu.au (Ian Latter)
Subject: Is the FBI using email Web bugs?



Your average proxy server won't allow connectivity to those low
ports; mostly due to a spatter of mischeif in the early-mid 90's --
including using the service to send spam mail, and cute attacks
in the order of links like http://server.anywhere.org:19/







----- Original Message -----
>From: "Poof" <gui@...dessmoon.org>
>To: "'Gregh'" <chows@...mail.com.au>
>Subject:  RE: [Full-Disclosure] Is the FBI using email Web bugs?
>Date: Wed, 07 Jan 2004 21:22:54 -0500
>
> Actually- the problem with that is that fine... it won't allow any ports
> except for the needed 25/110/143... Then what's to stop an image from using
> http://www.spamsite.com:25/110/phonehome.jpg?emailaddress(or whatever)
> 
> .... Nothing!
> 
> Nice try though... Best protection is through your email client. O2K3 does
> it native ^^
> 
> ~
> 
> > -----Original Message-----
> > From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure-
> > admin@...ts.netsys.com] On Behalf Of Ben Nelson
> > Sent: Wednesday, January 07, 2004 7:34 PM
> > To: Gregh
> > Cc: full-disclosure@...ts.netsys.com
> > Subject: Re: [Full-Disclosure] Is the FBI using email Web bugs?
> > 
> > Gregh wrote:
> > > wont listen. In Zone Alarm you can tell it to DISALLOW Outlook Express
> > (or
> > > whatever you like) access to different ports. So, I tell it to disallow
> > > access to or from port 80 by OE. Thus, a received HTML email with pics
> > and
> > > such in it just shows blanks, "x" or placeholders, really. Now, while
> > saying
> > > this, if you decided to use some other port to report back on, sure, you
> > > would get around this but the majority of spam operators who spam you
> > don't
> > > require JUST the "click to remove" to be clicked to verify you DO exist
> > thus
> > > send more spam and sell the address to another spammer. They also have
> > port
> > > 80 and if the email is clicked on by a typical OE setup, just to delete,
> > it
> > > "phones home". For those described earlier in this paragraph, ZA
> > blocking OE
> > > in/out on port 80 stops most of the phone home stuff.
> > 
> > Couldn't you just block all port access from OE *EXCEPT* those that are
> > needed? (probably 25, 110, 143)
> > 
> > --Ben
> > 
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 

--
Ian Latter
Internet and Networking Security Officer
Macquarie University

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ